In wallpaper.c in feh before v2.18.3, if a malicious client pretends to be the E17 window manager, it is possible to trigger an out-of-boundary heap write while receiving an IPC message. An integer overflow leads to a buffer overflow and/or a double free.
{
"source": [
"CPE_RANGE",
"REFERENCES"
],
"cpe": "cpe:2.3:a:feh_project:feh:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "0"
},
{
"last_affected": "2.18.2"
}
]
}"2026-07-08T16:53:55Z"
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-7875.json"
[
{
"id": "CVE-2017-7875-2316f0a4",
"digest": {
"line_hashes": [
"114611271374651776628541093080720029731",
"41834195195041888171198261125242210801",
"108368789263570908763498376805416493156",
"238841293264128875907687015485774305246"
],
"threshold": 0.9
},
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/derf/feh/commit/f7a547b7ef8fc8ebdeaa4c28515c9d72e592fb6d",
"deprecated": false,
"target": {
"file": "src/wallpaper.c"
}
},
{
"id": "CVE-2017-7875-5f505e22",
"digest": {
"function_hash": "102306032804263360865648438411247829941",
"length": 677.0
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/derf/feh/commit/f7a547b7ef8fc8ebdeaa4c28515c9d72e592fb6d",
"deprecated": false,
"target": {
"function": "enl_ipc_get",
"file": "src/wallpaper.c"
}
}
]